Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A system, comprising: one or more computing devices that implement a task execution service; one or more compute instances, wherein the one or more compute instances comprise agent software, and wherein the agent software is executable to receive task execution documents from the task execution service and initiate local task execution based at least in part on the task execution documents; and one or more other computing devices that implement a decentralized task execution interface, wherein the decentralized task execution interface is executable to: determine that the task execution service is offline or unreachable by the one or more other computing devices that implement the decentralized task execution interface; select, from the one or more compute instances, a set of one or more compute instances; establish one or more network connections with the selected set of one or more compute instances without invoking the task execution service; send, in response to the determination that the task execution service is offline or unreachable, one or more task execution documents via the one or more network connections to the agent software of the respective compute instances of the selected set of one or more compute instances, wherein the task execution service is bypassed in sending the one or more task execution documents by the decentralized task execution interface to the respective compute instances of the selected set of one or more compute instances, and wherein execution of one or more tasks is initiated on the respective compute instances of the selected set of one or more compute instances by the agent software based at least in part on the one or more task execution documents; and receive, from the agent software of the respective compute instances of the selected set of one or more compute instances, one or more responses of the one or more tasks, wherein the task execution service is bypassed by the decentralized task execution interface in receiving the one or more responses from the agent software of the respective compute instances of the selected set of one or more compute instances.
2. The system as recited in claim 1 , wherein the selected set of one or more compute instances are disconnected from a publicly accessible network, and wherein the one or more network connections with the selected set of one or more compute instances comprise one or more connections over a private network.
This invention relates to a secure computing system designed to isolate compute instances from public networks while maintaining private network connectivity. The system addresses the challenge of securing sensitive workloads by ensuring that selected compute instances operate in an isolated environment, inaccessible from external networks. These compute instances are connected only through a private network, which provides a controlled and secure communication channel. The private network connections enable secure data transfer and interaction between the isolated compute instances and other authorized systems or services within the same private network. This approach mitigates risks associated with public network exposure, such as unauthorized access or data breaches, while still allowing necessary communication within a trusted internal infrastructure. The system may include additional features such as dynamic instance selection, automated network configuration, and security policies to further enhance isolation and control over the compute instances. By leveraging private network connections, the system ensures that sensitive operations remain protected from external threats while maintaining operational efficiency.
3. The system as recited in claim 1 , wherein a modified task execution document is generated based at least in part on the execution of the one or more tasks, and wherein the task execution service is executable to: receive the modified task execution document; and send the modified task execution document to additional agent software of one or more additional compute instances, wherein execution of one or more additional tasks is initiated on the one or more additional compute instances by the additional agent software based at least in part on the modified task execution document.
This invention relates to distributed task execution systems, specifically improving workflow automation in cloud or distributed computing environments. The problem addressed is the need for dynamic task execution and coordination across multiple compute instances without manual intervention or rigid pre-configuration. The system includes a task execution service that manages the execution of tasks across multiple compute instances. Each compute instance runs agent software that receives and processes task execution documents, which define the tasks to be performed. After executing the tasks, the agent software generates a modified task execution document reflecting the results or state changes. This modified document is sent back to the task execution service, which then distributes it to additional compute instances. The additional agent software on these instances uses the modified document to initiate further tasks, enabling a chain of dependent or sequential operations. The system allows for flexible, automated workflows where the output of one set of tasks dynamically triggers subsequent tasks on other compute instances, improving efficiency and adaptability in distributed computing environments. The invention eliminates the need for static, pre-defined workflows by enabling real-time adjustments based on task execution outcomes.
4. A computer-implemented method, comprising: determining that a task execution service is offline or unreachable by a task execution interface, wherein agent software of a compute instance is executable to receive task execution documents from the task execution service and initiate local task execution based at least in part on the task execution documents; establishing a connection between the task execution interface and the agent software of the compute instance over one or more communication channels, wherein the connection between the task execution interface and the agent software of the compute instance is established without invoking the task execution service; sending, in response to the determining that the task execution service is offline or unreachable, a task execution document from the task execution interface to the agent software of the compute instance, via the connection over the one or more communication channels, wherein the task execution service is bypassed in sending the task execution document by the task execution interface to the compute instance, and wherein execution of one or more tasks is initiated on the compute instance by the agent software based at least in part on the task execution document; and receiving, at the task execution interface from the agent software of the compute instance, one or more responses of the one or more tasks, wherein the task execution service is bypassed in receiving the one or more responses.
This invention relates to a fault-tolerant task execution system for cloud computing environments. The problem addressed is the disruption of task execution when a central task execution service becomes unavailable, leading to delays or failures in processing tasks across distributed compute instances. The system includes a task execution interface and agent software running on compute instances. When the central task execution service is offline or unreachable, the task execution interface detects this condition and establishes a direct connection to the agent software on the compute instance. This connection bypasses the task execution service entirely, allowing the interface to send task execution documents directly to the agent software. The agent software then initiates and executes the specified tasks locally on the compute instance. After execution, the agent software sends the task responses back to the task execution interface, again bypassing the central service. This approach ensures continuous task execution even when the central service is unavailable, improving system reliability and reducing downtime. The direct communication between the interface and agent software maintains the workflow without requiring intervention from the task execution service.
5. The method as recited in claim 4 , wherein the compute instance is disconnected from a publicly accessible network, and wherein the one or more networks comprise one or more private networks.
This invention relates to secure computing environments, specifically methods for managing compute instances in isolated network configurations. The problem addressed is the need to enhance security for compute instances by restricting their network access while still allowing necessary communication within private networks. The method involves operating a compute instance in a disconnected state from publicly accessible networks, meaning it cannot be directly reached or accessed from the internet or other external networks. Instead, the compute instance communicates exclusively through one or more private networks, which are isolated from public access. This setup ensures that the compute instance remains protected from external threats while still enabling secure internal communication. The compute instance may be configured to perform various tasks, such as data processing, application hosting, or other computational workloads, all within the constraints of the private network environment. The private networks may include internal corporate networks, virtual private clouds, or other secure network segments. The method ensures that all data transfers and communications involving the compute instance occur only within these private networks, preventing exposure to public network vulnerabilities. This approach is particularly useful for sensitive workloads, such as financial transactions, healthcare data processing, or other applications requiring high security. By isolating the compute instance from public networks, the method reduces the attack surface and mitigates risks associated with external network exposure. The private networks may be further secured with additional measures, such as firewalls, encryption, or access controls, to enhance overall security.
6. The method as recited in claim 4 , further comprising: sending a set of task execution documents from the task execution service to a document cache external to the task execution service, wherein the task execution document sent to the compute instance is derived from the set of task execution documents in the document cache.
This invention relates to task execution systems, specifically improving efficiency in distributing and managing task execution documents across compute instances. The problem addressed is the latency and resource overhead in repeatedly fetching task execution documents from a central service, which can slow down task processing and increase network traffic. The system includes a task execution service that generates or manages task execution documents, which contain instructions or data needed to perform specific tasks. These documents are sent to a document cache external to the task execution service, allowing compute instances to retrieve them without direct interaction with the service. The cache acts as an intermediary, reducing the load on the task execution service and minimizing delays in task execution. When a compute instance needs a task execution document, it retrieves the document from the document cache rather than requesting it directly from the task execution service. This approach ensures that the task execution service is not overwhelmed by repeated requests, improving scalability and performance. The document cache may be shared among multiple compute instances, further optimizing resource usage. The invention also includes mechanisms to ensure the document cache remains up-to-date, such as periodic synchronization or invalidation of outdated documents. This ensures that compute instances always have access to the latest task execution documents while maintaining efficiency. The overall system enhances task execution speed, reduces network congestion, and improves the reliability of task processing in distributed computing environments.
7. The method as recited in claim 4 , further comprising: sending the task execution document from the compute instance to additional agent software of one or more additional compute instances, wherein execution of the one or more tasks is initiated on the one or more additional compute instances by the additional agent software based at least in part on the task execution document.
This invention relates to distributed task execution in computing systems, specifically addressing the challenge of efficiently coordinating and initiating tasks across multiple compute instances. The system involves a primary compute instance that generates a task execution document containing instructions for one or more tasks. This document is sent to agent software running on the primary compute instance, which processes the document to initiate task execution locally. Additionally, the task execution document is transmitted to agent software on one or more secondary compute instances. The agent software on these secondary instances interprets the document to initiate and manage the execution of the specified tasks. The system ensures that tasks are distributed and executed across multiple compute instances in a coordinated manner, improving scalability and resource utilization. The task execution document may include details such as task parameters, dependencies, and execution priorities, allowing the agent software to handle complex workflows. This approach enables dynamic task distribution and parallel processing, enhancing system efficiency and responsiveness.
8. The method as recited in claim 4 , further comprising: generating a modified task execution document based at least in part on the execution of the one or more tasks on the compute instance; and submitting the modified task execution document to the task execution service, wherein the modified task execution document is sent from the task execution service to additional agent software of one or more additional compute instances, wherein execution of one or more additional tasks is initiated on the one or more additional compute instances by the additional agent software based at least in part on the modified task execution document.
This invention relates to distributed task execution systems, specifically improving the automation and coordination of tasks across multiple compute instances. The problem addressed is the lack of efficient mechanisms for dynamically updating and propagating task execution instructions across a distributed computing environment, leading to inefficiencies in workflow automation and resource utilization. The method involves executing one or more tasks on a compute instance, where the tasks are defined in a task execution document. After execution, a modified task execution document is generated based on the results or state of the executed tasks. This modified document is then submitted to a task execution service, which distributes it to additional compute instances. Agent software on these additional compute instances receives the modified document and initiates the execution of one or more additional tasks as specified. This allows for dynamic, cascading task execution across multiple compute instances, enabling more flexible and responsive workflow automation. The system ensures that task execution can be adapted in real-time based on the outcomes of previous tasks, improving efficiency and reducing manual intervention.
9. The method as recited in claim 4 , further comprising: sending an additional task execution document from the task execution service to the agent software of the compute instance, wherein execution of one or more additional tasks is initiated on the compute instance by the agent software based at least in part on the additional task execution document.
This invention relates to distributed computing systems where tasks are dynamically assigned to compute instances. The problem addressed is the need for efficient and scalable task execution in cloud or distributed environments, where compute instances must receive and process tasks without manual intervention. The invention provides a system where a task execution service manages and distributes tasks to compute instances running agent software. The agent software on each compute instance monitors for incoming task execution documents, which contain instructions for executing one or more tasks. When a task execution document is received, the agent software initiates the execution of the specified tasks on the compute instance. The invention further includes sending additional task execution documents to the agent software, allowing the task execution service to dynamically assign new tasks to the compute instance as needed. This ensures continuous and flexible task processing without requiring preconfiguration or manual intervention. The system improves scalability and efficiency by enabling real-time task distribution and execution across multiple compute instances.
10. A non-transitory computer-readable storage medium storing program instructions that, if executed, perform: determining that a task execution service is offline or unreachable by a computing device, wherein agent software of a compute instance is executable to receive task execution documents from the task execution service and initiate local task execution on the compute instance based at least in part on the task execution documents; establishing a connection between a task execution interface on the computing device and the agent software of the compute instance over one or more networks, wherein the connection between the task execution interface and the agent software of the compute instance is established without invoking the task execution service; sending, in response to the determining that the task execution service is offline or unreachable, a task execution document from the task execution interface on the computing device to the agent software of the compute instance, via the connection over the one or more networks, wherein the task execution service is bypassed in sending the task execution document by the task execution interface to the compute instance, and wherein execution of one or more tasks is initiated on the compute instance by the agent software based at least in part on the task execution document; and receiving, at the task execution interface from the agent software of the compute instance, one or more status updates associated with the one or more tasks, wherein the task execution service is bypassed in receiving the one or more status updates.
This invention relates to a system for managing task execution in a distributed computing environment when a central task execution service is unavailable. The problem addressed is the disruption of task execution when the central service is offline or unreachable, leading to delays or failures in task processing. The solution involves a computing device with a task execution interface that can communicate directly with agent software on a compute instance, bypassing the central service. When the task execution service is determined to be offline or unreachable, the computing device establishes a direct connection to the agent software on the compute instance over a network. The task execution interface sends task execution documents to the agent software, which then initiates and manages task execution locally on the compute instance. The agent software also sends status updates back to the task execution interface, allowing the computing device to monitor task progress without relying on the central service. This approach ensures continuous task execution and monitoring even when the primary task execution service is unavailable, improving system resilience and reliability.
11. The non-transitory computer-readable storage medium as recited in claim 10 , wherein the compute instance is disconnected from a publicly accessible network, and wherein the one or more networks comprise one or more private networks.
This invention relates to secure computing environments, specifically systems for managing compute instances that are isolated from publicly accessible networks. The technology addresses the problem of securing sensitive data processing by ensuring compute instances operate within private networks, reducing exposure to external threats. The system involves a non-transitory computer-readable storage medium containing instructions for managing compute instances, where these instances are intentionally disconnected from public networks. Instead, they communicate exclusively over one or more private networks, enhancing security by limiting access to authorized entities only. The compute instances are dynamically provisioned and managed, with their network configurations enforced to maintain isolation. This approach mitigates risks associated with public network exposure, such as unauthorized access or data breaches, while still allowing necessary internal communications. The system may also include mechanisms for monitoring and enforcing network policies to ensure compliance with security requirements. By restricting connectivity to private networks, the invention provides a robust solution for protecting sensitive workloads in cloud or on-premises environments.
12. The non-transitory computer-readable storage medium as recited in claim 10 , wherein the program instructions are further computer-executable to perform: sending a set of task execution documents from the task execution service to a local cache associated with the computing device, wherein the task execution document sent to the compute instance is derived from the set of task execution documents in the local cache.
This invention relates to distributed computing systems, specifically optimizing task execution in cloud or edge computing environments. The problem addressed is the inefficiency in task execution due to repeated retrieval of task execution documents from remote servers, leading to increased latency and bandwidth usage. The system includes a task execution service that manages task execution documents, which contain instructions for executing tasks on computing devices. To improve efficiency, the task execution service sends a set of these documents to a local cache associated with a computing device. When a compute instance (a virtual or physical machine executing tasks) needs a task execution document, it retrieves the document from the local cache rather than querying the remote task execution service. This reduces network traffic and speeds up task execution. The local cache stores multiple task execution documents, allowing the compute instance to access them quickly. The task execution service ensures that the documents in the local cache are up-to-date, either by periodic updates or on-demand requests. This caching mechanism minimizes delays caused by network latency and server response times, particularly in distributed systems where multiple compute instances may require the same or similar task execution documents. The invention improves performance by leveraging local storage to reduce reliance on remote servers for task execution instructions.
13. The non-transitory computer-readable storage medium as recited in claim 10 , wherein the program instructions are further computer-executable to perform: sending the task execution document from the compute instance to additional agent software of one or more additional compute instances, wherein execution of the one or more tasks is initiated on the one or more additional compute instances by the additional agent software based at least in part on the task execution document.
This invention relates to distributed task execution in computing systems, specifically addressing the challenge of efficiently coordinating and initiating tasks across multiple compute instances. The system involves a compute instance executing agent software that generates a task execution document containing instructions for one or more tasks. This document is then sent to additional agent software running on one or more other compute instances. The receiving agent software interprets the task execution document and initiates the execution of the specified tasks on the additional compute instances. The task execution document may include details such as task parameters, dependencies, and execution requirements, ensuring that tasks are performed correctly across the distributed system. This approach enables scalable and coordinated task execution in environments where tasks need to be distributed across multiple computing resources, improving efficiency and resource utilization. The system is particularly useful in cloud computing, distributed processing, and large-scale data processing applications where tasks must be dynamically allocated and executed across a network of compute instances.
14. The non-transitory computer-readable storage medium as recited in claim 10 , wherein the program instructions are further computer-executable to perform: generating a modified task execution document based at least in part on the execution of the one or more tasks on the compute instance; and submitting the modified task execution document from the computing device to the task execution service, wherein the modified task execution document is sent from the task execution service to additional agent software of one or more additional compute instances, wherein execution of one or more additional tasks is initiated on the one or more additional compute instances by the additional agent software based at least in part on the modified task execution document.
15. The non-transitory computer-readable storage medium as recited in claim 10 , wherein the program instructions are further computer-executable to perform: sending an additional task execution document from the task execution service to the agent software of the compute instance, wherein execution of one or more additional tasks is initiated on the compute instance by the agent software based at least in part on the additional task execution document.
A system for managing task execution in a distributed computing environment addresses the challenge of efficiently distributing and initiating tasks across multiple compute instances. The system includes a task execution service that generates and sends task execution documents to agent software running on compute instances. These documents contain instructions for executing tasks on the compute instances. The agent software processes the documents and initiates the execution of the specified tasks. To enhance flexibility and scalability, the system allows the task execution service to send additional task execution documents to the agent software, enabling the initiation of further tasks on the compute instance. This ensures that tasks can be dynamically assigned and executed as needed, improving resource utilization and responsiveness in distributed computing environments. The system supports automated task management, reducing manual intervention and improving efficiency in large-scale computing operations.
16. The non-transitory computer-readable storage medium as recited in claim 10 , wherein the compute instance is provided by a multi-tenant provider network comprising a plurality of available compute instances.
A system and method for managing compute instances in a multi-tenant cloud environment addresses the challenge of efficiently allocating and utilizing shared computing resources across multiple tenants. The invention involves a non-transitory computer-readable storage medium storing instructions that, when executed, enable a compute instance to be dynamically provisioned from a pool of available compute instances within a multi-tenant provider network. The compute instance is configured to execute a workload, such as a software application or service, while ensuring isolation and security between different tenants sharing the same underlying infrastructure. The system may include mechanisms for monitoring resource usage, scaling compute instances based on demand, and enforcing access controls to prevent unauthorized interactions between tenants. The multi-tenant provider network dynamically allocates compute instances from a plurality of available instances, optimizing resource utilization and reducing costs by sharing infrastructure across multiple users. This approach improves efficiency, scalability, and cost-effectiveness in cloud computing environments by leveraging shared resources while maintaining tenant isolation.
Unknown
March 24, 2020
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.